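--- a/TODO
+++ b/TODO
@@ -1,57 +1,62 @@
 == Where I stopped last time ==
-[ ] Investigate "event_signal_daemon: event_id=[] timeout=ms"
-NULL=no_wait, 0=forever
-rg_event_signal_daemon - timeout 0 OK
-rg_socket - timeout 0 OK
-socket_recv_wait - timeout 0
-$rg_cache_timeout is pretty safe (0 or >0, NULL does not make sense)
-
-change NULL=forever, 0=no_wait
-rg_event_signal_daemon - timeout 0 OK
-rg_socket - timeout 0 OK
-socket_recv_wait - timeout 0
-$rg_cache_timeout is pretty safe (0 or >0, NULL does not make sense)
-
+[ ] Not clear why I do not have rights to push a file: it fails on repo_path
+tests. I did not inject anything there. What should I inject?!
+We have injection only for owner. Keep in mind is a private repo.
+[ ] Integrate anonymous push. remove old sh file.
+[ ] Run unit tests
+[ ] git url is not ok.
+[ ]
 
-[ ] cache: on timeout, should we close the connection?
-Probably not, but we should flush the input after a timeout.
-[ ] Description passed in e-mail, may have security implications?
-[ ] Seems that repo description is not updated under repo name. A caching
-problem?
-[ ] Replace rg_var_str with rg_var_str_core. It is ok to not have escaped in
-db, but be careful with "HTML:" construct! Audit all HTML: and then
-switch. Do not forget that is a problem how it works now:
-for example, description that contains '<' will not work correctly.
-The problem is with HTML: vars that include unescaped vars.
-Is it possible?
-Seems is working for repo description. Do it everywhere?
-[ ] In loguri, la username, apar unele cu '?'. O fi de la cache
-+ bug-ul in user.inc?
-[ ] We should invalidate rights cache when repo goes from public -> private
-and viceversa.
+== BEFORE NEXT RELEASE ==
+[ ] Delete anonymous push must take uid in consideration. Maybe also other ops.
+[ ] Add unit test also for paths.
+[ ] cache: we may have data with \x0 embedded. Check.
+[ ] Do we use users.rights?!
+[ ] Add some versioning mechanism to restart the cache daemon when the protocol
+changes.
+[ ] What happends when a user adds a nonexisting one letter code for rights?
+I should filter it out.
+[ ] Log attempts to inject <> inside vars. Maybe in rg_var_str?
 [ ] We should not call cosmetic in rights hl because we anyway load again the
-list.
-[ ] Add unit test for inject functions.
-[ ] When changing rights, invalidate/update cache.
-[ ] Retest repo rename. Better, add an unit test.
-[ ] We have big races for cache. But, the same with the database.
+list. Seems I do not do it.
+[ ] Get rid of 'qstats'.
+[ ] Do I test somewhere if a commit is bigger than max_commit_size?
 [ ] We must test in HL functions if we have rights, not in rg_user_remove & co.
 [ ] The caller of rg_user_make_admin must check rights for administering repo.
+[ ] If a project is private and the admin gives "Access repo" to a user,
+that user sees the repo as public. Unit test.
 [ ] What right is "Access repo"?! I think is for web. Not clear. Check.
 Seems is used on repo-page.php to give access or not to the repo.
 But I should only check if is public.
 No, because the same test is used also for pivate repos.
-[ ] If a project is private and the admin gives "Access repo" to a user,
-that user sees the repo as public. Unit test.
-[ ] Run hook_update.sh test. It not passes anymore.
 [ ] I have to define what means a 'public' repo: fetch + see bugtracker?
-[ ] In the process to remove 'ri.rights_text' and replace by 'public'.
+[ ] In loguri, la username, apar unele cu '?'. O fi de la cache
++ bug-ul in user.inc?
+[ ] We should invalidate rights cache when repo goes from public -> private
+and viceversa. This is not so easy. Because the caching is not done by
+repo_id.
+And this is another problem. What about user_id and repo_id clashes?!
+No clashes because we have the type!
+So, when editing the repo and the repo is doing a switch private-repo
+we must to rg_cache_unset("rights_by_obj_id::$repo_id::type
+unde type poate fi "repo", "repo_refs", "repo_path" etc.
 [ ] serialize returns a binary string! Not ok to store it like this in db!
-
-== BEFORE NEXT RELEASE ==
+unit test with \0?
+[ ] We have big races for cache. But, the same with the database.
+[ ] Retest repo rename. Better, add an unit test.
+[ ] When changing rights, invalidate/update cache.
+[ ] Replace rg_var_str with rg_var_str_core. It is ok to not have escaped in
+db, but be careful with "HTML:" construct! Audit all HTML: and then
+switch. Do not forget that is a problem how it works now:
+for example, description that contains '<' will not work correctly.
+The problem is with HTML: vars that include unescaped vars.
+Is it possible?
+Seems is working for repo description. Do it everywhere?
+[ ] Add unit test for inject functions.
+[ ] Description passed in e-mail, may have security implications?
 [ ] keywords for search. Really needed?
 [ ] check: seems the browser uses 0x0d instead of 0x0a in textareas. unify?
-[ ] performance: update session only after the page was sent to the client!
+[ ] performance: update session only after the page was flushed to the client!
 [ ] ionut: http://blogs.atlassian.com/2014/10/git-summit-2014-video-roundup/?atl_medium=ACE
 [ ] Get rid of custom caches in all files!
 [ ] Remove rg_menu stuff (replaced with templates).
@@ -411,7 +416,6 @@
 [ ] Third option: anybody can create an account but must be validated by admin.
 [ ] After creating the account, keep the user logged in and allow login
 even if is not confirmed (option in config).
-[ ] 'application_name' must be set something like rocketgit-q/web/etc.
 [ ] When I close a bug, seems I add myself to the watch table again!
 [ ] Should we load the lables in rg_bug_info?
 [ ] Do we need a rg_bug_cosmetic for notes/users/repos/etc?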
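--- a/inc/bug.inc.php
+++ b/inc/bug.inc.php
@@ -339,16 +339,17 @@ function rg_bug_info($db, $repo_id, $bug_id)
 rg_bug_set_error("cannot list bugs (" . rg_sql_error() . ")");
 break;
 }
-$ret = array();
-$rows = rg_sql_num_rows($res);
-if ($rows == 1)
-$ret = rg_sql_fetch_array($res);
-rg_sql_free_result($res);
 
 $ret['ok'] = 1;
-$ret['exists'] = $rows;
-if ($ret['exists'] == 1)
+
+$rows = rg_sql_num_rows($res);
+if ($rows == 1) {
+$row = rg_sql_fetch_array($res);
+$ret = array_merge($ret, $row);
+$ret['exists'] = 1;
 rg_bug_cosmetic($db, $ret);
+}
+rg_sql_free_result($res);
 
 // We set the cache even on non-existent bug
 rg_cache_set($key, $ret);
@@ -497,6 +498,8 @@ function rg_bug_edit($db, $login_ui, $ri, $data)
 }
 
 // update cache
+$data['ok'] = 1;
+$data['exists'] = 1;
 $key = $ri['repo_id'] . "::bugs::" . $data['bug_id'];
 rg_bug_cosmetic($db, $data);
 rg_cache_set($key, $data);
@@ -1283,7 +1286,7 @@ function rg_bug_edit_high_level($db, &$rg)
 
 $hints = array();
 $hints[]['HTML:hint'] = rg_template("hints/repo/bug/add.html", $rg);
-$rg['HTML:hints'] = rg_template_table("hints/list", $hints, $rg);
+$rg['HTML:bug_edit_hints'] = rg_template_table("hints/list", $hints, $rg);
 
 $ret .= rg_template("repo/bug/bug_add_edit.html", $rg);
 }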
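Review bot: In rg_bug_info the `exists` key is now written only inside `if ($rows == 1) {`, whereas the removed `$ret['exists'] = $rows;` set it on every path. The record cached by `rg_cache_set($key, $ret)` for a non-existent bug therefore carries `exists` only if `$ret` is initialised with it above the hunk; the local `$ret = array();` was removed and the replacement initialisation is not visible here. rg_repo_info in this same commit gained an explicit else branch for this case, and the same shape would make the function safe on its own: close the block with `} else { $ret['exists'] = 0; }`. It may also be worth checking that `rg_sql_fetch_array($res)` returned an array before `array_merge($ret, $row)`, though that helper's failure value is not shown on this page.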
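--- a/inc/cache.inc.php
+++ b/inc/cache.inc.php
@@ -7,7 +7,8 @@ require_once($INC . "/sql.inc.php");
 require_once($INC . "/prof.inc.php");
 
 // Client side can disable the cache for various reasons (unit testing etc.)
-$rg_cache_enable = TRUE;
+if (!isset($rg_cache_enable))
+$rg_cache_enable = TRUE;
 
 // timeout in miliseconds
 $rg_cache_timeout = 100;
@@ -358,8 +359,11 @@ function rg_cache_set($ns_var, $value)
 
 $c = rg_socket($rg_cache_socket, "SET " . $ns_var . "="
 . rg_cache_prepare($value) . "\n", $rg_cache_timeout);
-if ($c === FALSE)
+if ($c === FALSE) {
+// Give up for the rest of the session
+$rg_cache_enable = FALSE;
 break;
+}
 
 if (strncmp($c, "OK", 2) != 0)
 break;
@@ -394,8 +398,11 @@ function rg_cache_inc($ns_var)
 
 $c = rg_socket($rg_cache_socket,
 "INC " . $ns_var . "\n", $rg_cache_timeout);
-if ($c === FALSE)
+if ($c === FALSE) {
+// Give up for the rest of the session
+$rg_cache_enable = FALSE;
 break;
+}
 
 if (strncmp($c, "OK", 2) != 0)
 break;
@@ -434,8 +441,11 @@ function rg_cache_unset($ns_var)
 
 $ret = rg_socket($rg_cache_socket,
 "UNSET " . $ns_var . "\n", $rg_cache_timeout);
-if ($ret === FALSE)
+if ($ret === FALSE) {
+// Give up for the rest of the session
+$rg_cache_enable = FALSE;
 break;
+}
 
 // TODO: return old value?
 if (strncmp($ret, "OK", 2) != 0)
@@ -471,8 +481,11 @@ function rg_cache_merge($ns_var, $list)
 
 $c = rg_socket($rg_cache_socket, "MERGE " . $ns_var . "="
 . rg_cache_prepare($list) . "\n", $rg_cache_timeout);
-if ($c === FALSE)
+if ($c === FALSE) {
+// Give up for the rest of the session
+$rg_cache_enable = FALSE;
 break;
+}
 
 if (strncmp($c, "OK", 2) != 0)
 break;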
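Review bot: The new `$rg_cache_enable = FALSE;` in rg_cache_set, rg_cache_inc, rg_cache_unset and rg_cache_merge takes effect only if each function declares `global $rg_cache_enable;`. Those declarations would sit above the hunks, which all start mid-function, so please confirm they exist; without one the assignment creates a local and the cache is never switched off. In rg_cache_unset giving up has a second cost: the failed UNSET leaves the old entry in the daemon, and if later calls in the request honour the flag, further invalidations are skipped too, so a stale rights or repo record can outlive the change that should have removed it. I would log the key on that path, for example `rg_log("cache: UNSET failed for " . $ns_var);`, so stale entries can be traced.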
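--- a/inc/git.inc.php
+++ b/inc/git.inc.php
@@ -764,6 +764,9 @@ function rg_git_stats($log)
 */
 function rg_git_files($old, $new)
 {
+global $rg_git_zero;
+global $rg_git_empty;
+
 rg_prof_start("git_files");
 rg_log_enter("rg_git_files old=$old new=$new");
 
@@ -772,10 +775,13 @@ function rg_git_files($old, $new)
 
 $ret = FALSE;
 while (1) {
+if (strcmp($old, $rg_git_zero) == 0)
+$old = $rg_git_empty;
+
 $cmd = "git diff --name-only " . escapeshellarg($old) . " " . escapeshellarg($new);
 $a = rg_exec($cmd);
 if ($a['ok'] != 1) {
-rg_git_set_error("error on ls-tree (" . $a['errmsg'] . ")");
+rg_git_set_error("error on git diff (" . $a['errmsg'] . ")");
 break;
 }
 
@@ -1040,12 +1046,14 @@ function rg_git_update_branch($db, $a)
 if ($r === FALSE)
 rg_git_fatal($a['refname'] . "\nInternal error, try again later\n");
 foreach ($r as $file) {
-if (rg_rights_allow($db, $a['repo_id'], "repo_refs", $a['repo.uid'], $uid, "P", $ip, $file) !== TRUE) {
+if (rg_rights_allow($db, $a['repo_id'], "repo_path",
+$a['repo.uid'], $uid, "P", $ip, $file) !== TRUE) {
 rg_git_fatal($a['refname']
-. "\nNo rights to push file [$path]\n");
+. "\nNo rights to push file [$file]\n");
 }
 
-if (!rg_rights_allow($db, $a['repo_id'], "repo_refs", $a['repo.uid'], $uid, "W", $ip, $a['refname'])) {
+if (!rg_rights_allow($db, $a['repo_id'], "repo_path",
+$a['repo.uid'], $uid, "W", $ip, $a['refname'])) {
 $w = rg_git_whitespace_ok($a['old_rev'], $a['new_rev']);
 if ($w !== TRUE) {
 rg_git_fatal($a['refname']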
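Review bot: The second rights check in rg_git_update_branch now asks for `"W"` under type `"repo_path"` but still passes `$a['refname']` as the item to match, so path rules are compared against a ref name rather than a file path. Holding `W` is what skips `rg_git_whitespace_ok()`, so this mismatch decides whether the whitespace gate runs at all. If the check is meant per file, pass the loop variable, `$a['repo.uid'], $uid, "W", $ip, $file)) {`; if it is meant per ref, keep the type as `"repo_refs"`. The closing brace of `foreach ($r as $file)` is outside the hunk, so I cannot tell which was intended. The two calls also test the result differently (`!== TRUE` against a plain `!`); using `!== TRUE` in both keeps any non-boolean return on the deny side.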
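--- a/inc/repo.inc.php
+++ b/inc/repo.inc.php
@@ -13,7 +13,7 @@ $rg_repo_refs_rights = array(
 "P" => "Push",
 "H" => "Anonymous push",
 "S" => "Create annotated tag",
-"n" => "Delete annotated tag", // Seems this cannot be deleted. Remove this from here!
+"n" => "Delete annotated tag",
 "Y" => "Create un-annotated tag",
 "U" => "Modify un-annotated tag",
 "u" => "Delete un-annotated tag",
@@ -31,7 +31,7 @@ $rg_repo_path_rights = array(
 
 $rg_repo_rights = array(
 "A" => "Access repo",
-"E" => "Edit repo", /* also create */
+"E" => "Create/edit repo",
 "D" => "Delete repo",
 "G" => "Grant rights",
 "a" => "Access bug tracker",
@@ -44,9 +44,12 @@ $rg_repo_rights = array(
 // TODO: default rights should go into conf file?
 // TODO: better move all config to database (modulo db conn info)?
 
-rg_rights_register("repo_refs", $rg_repo_refs_rights, "FMH", "rg_repo_compare_refs", "rg_repo_rights_inject");
-rg_rights_register("repo_path", $rg_repo_path_rights, "P", "rg_repo_compare_paths", "rg_repo_rights_inject");
-rg_rights_register("repo", $rg_repo_rights, "AB", FALSE, "rg_repo_rights_inject");
+rg_rights_register("repo_refs", $rg_repo_refs_rights, "FMH",
+"rg_repo_compare_refs", "rg_repo_rights_inject");
+rg_rights_register("repo_path", $rg_repo_path_rights, "P",
+"rg_repo_compare_paths", "rg_repo_rights_inject");
+rg_rights_register("repo", $rg_repo_rights, "AB",
+FALSE, "rg_repo_rights_inject");
 
 /*
 * Function used to inject rights for a obj_id/type combination
@@ -528,15 +531,17 @@ function rg_repo_ok($repo)
 return FALSE;
 }
 
-if (strlen($repo) < $rg_repo_min_len) {
+$len = strlen($repo);
+rg_log("CHECK: strlen($repo)=$len");
+if ($len < $rg_repo_min_len) {
 rg_repo_set_error("repository name is too short"
-. " (minimum $rg_repo_min_len)");
+. " (minimum $rg_repo_min_len < $len)");
 return FALSE;
 }
 
-if (strlen($repo) > $rg_repo_max_len) {
+if ($len > $rg_repo_max_len) {
 rg_repo_set_error("repository name is too long"
-. " (maximum $rg_repo_max_len)");
+. " (maximum $rg_repo_max_len > $len)");
 return FALSE;
 }
 
@@ -627,20 +632,23 @@ function rg_repo_info($db, $repo_id, $uid, $repo_name)
 if (($rows == 0) && ($repo_id == 0)) {
 // Repo not found, maybe it was renamed
 $_repo_id = rg_repo_lookup_by_old_name($db, $uid, $repo_name);
-if (($_repo_id === FALSE) || ($_repo_id == 0)) {
-rg_log("\tRepo not found!");
+if ($_repo_id === FALSE)
 break;
-}
 
-$ret = rg_repo_info($db, $_repo_id, 0, "");
-break;
+if ($_repo_id > 0) {
+$ret = rg_repo_info($db, $_repo_id, 0, "");
+break;
+}
 }
 
 $ret['ok'] = 1;
 if ($rows > 0) {
 rg_repo_cosmetic($ret);
 $ret['exists'] = 1;
+} else {
+$ret['exists'] = 0;
 }
+rg_log_ml("CHECK: ret=" . print_r($ret, TRUE));
 
 rg_cache_set("repo_by_id::$repo_id", $ret);
 
@@ -930,6 +938,7 @@ function rg_repo_edit($db, $login_ui, &$new)
 }
 
 $new['ok'] = 1;
+$new['exists'] = 1;
 rg_cache_set("repo_by_id::" . $new['repo_id'], $new);
 rg_cache_set("repo_by_name::" . $login_ui['uid'] . "::"
 . $new['name'], $new['repo_id']);
@@ -1139,37 +1148,10 @@ function rg_repo_git_done($db, $repo_id)
 return $ret;
 }
 
-/*
-* Add in queue a statistic file
-*/
-function rg_repo_stats_push2file($a)
-{
-global $rg_state_dir;
-
-$q = $rg_state_dir . "/qstats";
-if (!is_dir($q)) {
-$r = @mkdir($q, 0700);
-if ($r !== TRUE) {
-rg_internal_error("Cannot create dir [$q] ($php_errormsg)!");
-return FALSE;
-}
-}
-
-$buf = serialize($a);
-$file = sha1($buf);
-$r = file_put_contents($q . "/" . $file, $buf);
-if ($r === FALSE) {
-rg_internal_error("Cannot store file in qstats ($php_errormsg)!");
-return FALSE;
-}
-
-return $file;
-}
-
 /*
 * High level function to delete rights ids
 */
-function rg_repo_admin_delete_rights($db, &$rg, $obj_id, &$errmsg)
+function rg_repo_admin_delete_rights($db, $rg, $obj_id, &$errmsg)
 {
 $errmsg = array();
 
@@ -1188,9 +1170,9 @@ function rg_repo_admin_delete_rights($db, &$rg, $obj_id, &$errmsg)
 }
 
 /*
-* High level function for Repo -> Admin -> Rights -> Repo/Refs rights menu.
+* High level function for Repo -> Admin -> Rights -> Repo/Refs/Path rights menu.
 */
-function rg_repo_admin_rights($db, &$rg, $type)
+function rg_repo_admin_rights($db, $rg, $type)
 {
 rg_log("rg_repo_admin_rights type=$type");
 
@@ -1417,7 +1399,6 @@ function rg_repo_edit_high_level($db, &$rg)
 $rg['ri']['name'] = "";
 $rg['ri']['max_commit_size'] = "0";
 $rg['ri']['description'] = "";
-$rg['ri']['master_repo_id'] = "0";
 $rg['ri']['public'] = "1";
 }
 break;
@@ -1430,13 +1411,13 @@ function rg_repo_edit_high_level($db, &$rg)
 }
 
 $rg['ri']['repo_id'] = rg_var_uint("repo_id");
+$rg['ri']['master'] = rg_var_uint("master");
 $rg['ri']['name'] = rg_var_str("name"); // TODO: filter name!
 $rg['ri']['max_commit_size'] = rg_var_uint("max_commit_size");
 $rg['ri']['description'] = rg_var_str_core("description");
 $rg['ri']['public'] = rg_var_bool("public");
-$rg['ri']['master'] = rg_var_uint("master");
 rg_repo_cosmetic($rg['ri']);
-rg_log_ml("CHECK: after repo edit: rg[ri]=" . print_r($rg['ri'], TRUE));
+//rg_log_ml("CHECK: after repo edit: rg[ri]=" . print_r($rg['ri'], TRUE));
 
 $r = rg_repo_edit($db, $rg['login_ui'], $rg['ri']);
 if ($r === FALSE) {
@@ -1470,7 +1451,7 @@ function rg_repo_edit_high_level($db, &$rg)
 $rg['rg_form_token'] = rg_token_get($db, $rg['sid']);
 $hints = array();
 $hints[]['HTML:hint'] = rg_template("hints/repo/create_repo.html", $rg);
-$rg['HTML:hints'] = rg_template_table("hints/list", $hints, $rg);
+$rg['HTML:repo_edit_hints'] = rg_template_table("hints/list", $hints, $rg);
 $ret .= rg_template("repo/add_edit.html", $rg);
 }
 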
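Review bot: In rg_repo_info the not-found-by-name case (`$_repo_id` equal to 0) no longer breaks out, so it now falls through to `rg_cache_set("repo_by_id::$repo_id", $ret)` with `$repo_id` still 0 in the lines shown, storing an `exists = 0` record under the key `repo_by_id::0`. If the cache lookup at the top of the function (outside the hunk) ever reads that key, unrelated lookups by name could be answered from it; guarding the write with `if ($repo_id > 0)` would rule that out. The added `rg_log_ml("CHECK: ret=" . print_r($ret, TRUE));` and, in rg_repo_ok, `rg_log("CHECK: strlen($repo)=$len");` look like leftover debugging. The first dumps the whole repo record, private repos included, on every uncached lookup, and the second writes the submitted name to the log before the length checks run. This same commit comments out the equivalent CHECK line in rg_repo_edit_high_level, and I would do the same for these two.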
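--- a/tests/common.php
+++ b/tests/common.php
@@ -1,56 +1,23 @@
 <?php
-$INC = "../inc";
+$INC = dirname(__FILE__) . "/../inc";
 require_once($INC . "/state.inc.php");
 require_once($INC . "/sql.inc.php");
 require_once($INC . "/struct.inc.php");
 require_once($INC . "/fixes.inc.php");
 
-// Defaults
-$rg_base = dirname(__FILE__);
-$rg_sql_debug = 1;
-$rg_session_time = 3600;
-$rg_keys_file = "afile.txt";
-$rg_scripts = dirname(dirname(__FILE__));
-$rg_repo_allow = '/^[\pL\pN\pP_]*$/uUD';
-$rg_repo_min_len = 1;
-$rg_repo_max_len = 100;
-$rg_user_allow = '/^[\pL\pN\pP_]*$/uUD';
-$rg_user_min_len = 1;
-$rg_user_max_len = 20;
-$rg_ssh_paras = "no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty";
-$rg_admin_name = "RocketGit Admin (test)";
-$rg_admin_email = "admin@site.tld";
-$rg_account_allow_creation = 1;
-$rg_account_email_confirm = 0;
-$rg_max_ssh_keys = 10;
-$rg_log_dir = dirname(__FILE__);
-$rg_web_log_dir = dirname(__FILE__);
-$rg_state_dir = dirname(__FILE__);
-$rg_lock_dir = dirname(__FILE__);
-$rg_repos = "base";
-$rg_theme_dir = "themes";
-$rg_theme = "util";
-$rg_lang = "en";
-$rg_cache_enable = FALSE;
-$rg_event_socket = "";
-
-if (isset($rg_no_db) && $rg_no_db)
-return;
-
-$db = rg_sql_open("dbname=trg");
+rg_sql_app("rg-tests");
+$db = rg_sql_open($rg_sql);
 if ($db === FALSE) {
 rg_log("Cannot create a database (" . rg_sql_error() . ")!");
 exit(1);
 }
 
-// Force schema ver 0 to be able to apply updates
-$r = rg_state_set($db, "schema_version", "0");
-if ($r !== TRUE) {
-echo "Cannot reset schema (" . rg_state_error() . ")!\n";
-exit(1);
-}
+if (isset($rg_no_db) && $rg_no_db)
+return;
+
+rg_log("Redo schema...");
 
-$r = rg_sql_struct_update($db, RG_DROP_TABLES|RG_IGNORE_ERRORS);
+$r = rg_sql_struct_update($db, 0);
 if ($r !== TRUE) {
 rg_log("Cannot create struct (" . rg_sql_error() . ")!");
 exit(1);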
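Review bot: The `$rg_no_db` early return now sits after `rg_sql_open($rg_sql)` and its `exit(1)`, so a test that sets `$rg_no_db` still needs `$rg_sql` defined and, if rg_sql_open connects eagerly, a reachable database; moving `if (isset($rg_no_db) && $rg_no_db) return;` above `rg_sql_app("rg-tests");` restores the old behaviour. `$rg_sql` itself is not assigned anywhere in the new file, and the removed defaults block also took `$rg_cache_enable = FALSE;` with it, so both now depend on whatever the including test or config sets. Since `rg_sql_struct_update($db, 0)` no longer passes `RG_DROP_TABLES`, the suite appears to run against whatever tables that database already holds. A short comment stating that `$rg_sql` must name a disposable test database would prevent a run against real data.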
| File tests/hook_update.sh changed (mode: 100755) (index f9d0eaa..fc009b9) |
| 1 |
1 |
#!/bin/bash |
#!/bin/bash |
| 2 |
2 |
|
|
| 3 |
|
export ROCKETGIT_CONF_FILE="`pwd`/common.php" |
|
|
3 |
|
tests=`pwd` |
|
4 |
|
|
|
5 |
|
export ROCKETGIT_CONF_FILE="`pwd`/config.php" |
|
6 |
|
export ROCKETGIT_LOGIN_UID=1234 |
|
7 |
|
export ROCKETGIT_REPO_ID=5678 |
|
8 |
|
export ROCKETGIT_IP="127.0.0.1" |
|
9 |
|
export ROCKETGIT_REPO_PATH="`pwd`/hook_update_dest.git" |
|
10 |
|
export ROCKETGIT_REPO_UID=22 |
| 4 |
11 |
|
|
| 5 |
12 |
rm -rf hook_update_*.git |
rm -rf hook_update_*.git |
| 6 |
13 |
mkdir hook_update_dest.git |
mkdir hook_update_dest.git |
| |
| ... |
... |
mkdir hook_update_dest.git |
| 8 |
15 |
cd hook_update_dest.git |
cd hook_update_dest.git |
| 9 |
16 |
git init --bare |
git init --bare |
| 10 |
17 |
) |
) |
| 11 |
|
cp ../hooks/update hook_update_dest.git/hooks/ |
|
|
18 |
|
cp -v ../hooks/update hook_update_dest.git/hooks/ |
| 12 |
19 |
|
|
| 13 |
20 |
git clone hook_update_dest.git hook_update_src.git |
git clone hook_update_dest.git hook_update_src.git |
| 14 |
21 |
|
|
| 15 |
22 |
cd hook_update_src.git |
cd hook_update_src.git |
| 16 |
23 |
|
|
|
24 |
|
php ${tests}/hook_update_help.php init |
|
25 |
|
if [ "${?}" != "0" ]; then |
|
26 |
|
echo "Cannot init user and repo!" |
|
27 |
|
exit 1 |
|
28 |
|
fi |
|
29 |
|
|
|
30 |
|
echo |
| 17 |
31 |
echo "=== Testing push without rights..." |
echo "=== Testing push without rights..." |
| 18 |
32 |
echo "aaa" > a |
echo "aaa" > a |
| 19 |
33 |
git add a |
git add a |
| 20 |
|
git commit -m "a" a |
|
|
34 |
|
git commit -m "a" a >/dev/null || exit 1 |
| 21 |
35 |
echo "bbb" >> a |
echo "bbb" >> a |
| 22 |
|
git commit -m "b" a |
|
|
36 |
|
git commit -m "b" a >/dev/null || exit 1 |
|
37 |
|
#strace -s200 -ff -o ${tests}/hook_update.strace \ |
| 23 |
38 |
git push origin master |
git push origin master |
| 24 |
39 |
if [ "${?}" != "1" ]; then |
if [ "${?}" != "1" ]; then |
| 25 |
40 |
echo "Should not work!" |
echo "Should not work!" |
| |
| ... |
... |
if [ "${?}" != "1" ]; then |
| 27 |
42 |
fi |
fi |
| 28 |
43 |
echo "=== Testing push with rights..." |
echo "=== Testing push with rights..." |
| 29 |
44 |
export ROCKETGIT_REPO_RIGHTS="CP" |
export ROCKETGIT_REPO_RIGHTS="CP" |
| 30 |
|
#strace -o cata.strace -ff -s200 \ |
|
|
45 |
|
php ${tests}/hook_update_help.php refs |
|
46 |
|
#strace -s200 -ff -o ${tests}/hook_update.strace \ |
| 31 |
47 |
git push origin master |
git push origin master |
| 32 |
48 |
if [ "${?}" != "0" ]; then |
if [ "${?}" != "0" ]; then |
| 33 |
49 |
echo "Should work!" |
echo "Should work!" |
| 34 |
50 |
exit 1 |
exit 1 |
| 35 |
51 |
fi |
fi |
| 36 |
52 |
|
|
|
53 |
|
echo |
| 37 |
54 |
echo "=== Testing not fast-forward without rights..." |
echo "=== Testing not fast-forward without rights..." |
| 38 |
55 |
git reset --hard HEAD~1 |
git reset --hard HEAD~1 |
| 39 |
56 |
echo "bbb" > a |
echo "bbb" > a |
| |
| ... |
... |
if [ "${?}" != "1" ]; then |
| 45 |
62 |
fi |
fi |
| 46 |
63 |
echo "=== Testing not fast-forward with rights..." |
echo "=== Testing not fast-forward with rights..." |
| 47 |
64 |
export ROCKETGIT_REPO_RIGHTS="COP" |
export ROCKETGIT_REPO_RIGHTS="COP" |
|
65 |
|
php ${tests}/hook_update_help.php refs |
| 48 |
66 |
git push --force origin master |
git push --force origin master |
| 49 |
67 |
if [ "${?}" != "0" ]; then |
if [ "${?}" != "0" ]; then |
| 50 |
68 |
echo "Should work!" |
echo "Should work!" |
| 51 |
69 |
exit 1 |
exit 1 |
| 52 |
70 |
fi |
fi |
| 53 |
71 |
|
|
|
72 |
|
echo |
| 54 |
73 |
echo "=== Testing un-annotated tag creation without rights..." |
echo "=== Testing un-annotated tag creation without rights..." |
| 55 |
74 |
git tag tag1 |
git tag tag1 |
| 56 |
75 |
git push --tags origin |
git push --tags origin |
| |
| ... |
... |
if [ "${?}" != "1" ]; then |
| 60 |
79 |
fi |
fi |
| 61 |
80 |
echo "=== Testing un-annotated tag creation with rights..." |
echo "=== Testing un-annotated tag creation with rights..." |
| 62 |
81 |
export ROCKETGIT_REPO_RIGHTS="${ROCKETGIT_REPO_RIGHTS}Y" |
export ROCKETGIT_REPO_RIGHTS="${ROCKETGIT_REPO_RIGHTS}Y" |
|
82 |
|
php ${tests}/hook_update_help.php refs |
| 63 |
83 |
git push --tags origin |
git push --tags origin |
| 64 |
84 |
if [ "${?}" != "0" ]; then |
if [ "${?}" != "0" ]; then |
| 65 |
85 |
echo "Should work!" |
echo "Should work!" |
| 66 |
86 |
exit 1 |
exit 1 |
| 67 |
87 |
fi |
fi |
| 68 |
88 |
|
|
|
89 |
|
echo |
| 69 |
90 |
echo "=== Testing un-annotated tag modify without rights..." |
echo "=== Testing un-annotated tag modify without rights..." |
| 70 |
91 |
git tag -d tag1 |
git tag -d tag1 |
| 71 |
92 |
git tag tag1 HEAD~1 |
git tag tag1 HEAD~1 |
| |
| ... |
... |
if [ "${?}" != "1" ]; then |
| 76 |
97 |
fi |
fi |
| 77 |
98 |
echo "=== Testing un-annotated tag modify with rights..." |
echo "=== Testing un-annotated tag modify with rights..." |
| 78 |
99 |
export ROCKETGIT_REPO_RIGHTS="${ROCKETGIT_REPO_RIGHTS}U" |
export ROCKETGIT_REPO_RIGHTS="${ROCKETGIT_REPO_RIGHTS}U" |
|
100 |
|
php ${tests}/hook_update_help.php refs |
| 79 |
101 |
git push --force --tags origin |
git push --force --tags origin |
| 80 |
102 |
if [ "${?}" != "0" ]; then |
if [ "${?}" != "0" ]; then |
| 81 |
103 |
echo "Should work!" |
echo "Should work!" |
| 82 |
104 |
exit 1 |
exit 1 |
| 83 |
105 |
fi |
fi |
| 84 |
106 |
|
|
|
107 |
|
echo |
| 85 |
108 |
echo "=== Testing un-annotated tag deletion without rights..." |
echo "=== Testing un-annotated tag deletion without rights..." |
| 86 |
109 |
git tag -d tag1 |
git tag -d tag1 |
| 87 |
110 |
git push origin :refs/tags/tag1 |
git push origin :refs/tags/tag1 |
| |
| ... |
... |
if [ "${?}" != "1" ]; then |
| 91 |
114 |
fi |
fi |
| 92 |
115 |
echo "=== Testing un-annotated tag deletion with rights..." |
echo "=== Testing un-annotated tag deletion with rights..." |
| 93 |
116 |
export ROCKETGIT_REPO_RIGHTS="${ROCKETGIT_REPO_RIGHTS}u" |
export ROCKETGIT_REPO_RIGHTS="${ROCKETGIT_REPO_RIGHTS}u" |
|
117 |
|
php ${tests}/hook_update_help.php refs |
| 94 |
118 |
git push origin :refs/tags/tag1 |
git push origin :refs/tags/tag1 |
| 95 |
119 |
if [ "${?}" != "0" ]; then |
if [ "${?}" != "0" ]; then |
| 96 |
120 |
echo "Should work!" |
echo "Should work!" |
| 97 |
121 |
exit 1 |
exit 1 |
| 98 |
122 |
fi |
fi |
| 99 |
123 |
|
|
|
124 |
|
echo |
| 100 |
125 |
echo "=== Testing merge-commit without rights (${ROCKETGIT_REPO_RIGHTS})..." |
echo "=== Testing merge-commit without rights (${ROCKETGIT_REPO_RIGHTS})..." |
| 101 |
126 |
git checkout -b branch1 |
git checkout -b branch1 |
| 102 |
127 |
echo "ccc" >> a |
echo "ccc" >> a |
| |
| ... |
... |
git checkout master |
| 105 |
130 |
echo "a" > b; git add b |
echo "a" > b; git add b |
| 106 |
131 |
git commit -m "c" b |
git commit -m "c" b |
| 107 |
132 |
git merge -m "x" branch1 |
git merge -m "x" branch1 |
| 108 |
|
git push |
|
|
133 |
|
git push origin master |
| 109 |
134 |
if [ "${?}" != "1" ]; then |
if [ "${?}" != "1" ]; then |
| 110 |
135 |
echo "Should not work!" |
echo "Should not work!" |
| 111 |
136 |
exit 1 |
exit 1 |
| 112 |
137 |
fi |
fi |
| 113 |
138 |
echo "=== Testing merge-commit with rights..." |
echo "=== Testing merge-commit with rights..." |
| 114 |
139 |
export ROCKETGIT_REPO_RIGHTS="${ROCKETGIT_REPO_RIGHTS}M" |
export ROCKETGIT_REPO_RIGHTS="${ROCKETGIT_REPO_RIGHTS}M" |
| 115 |
|
git push |
|
|
140 |
|
php ${tests}/hook_update_help.php refs |
|
141 |
|
git push origin master |
| 116 |
142 |
if [ "${?}" != "0" ]; then |
if [ "${?}" != "0" ]; then |
| 117 |
143 |
echo "Should work!" |
echo "Should work!" |
| 118 |
144 |
exit 1 |
exit 1 |
| 119 |
145 |
fi |
fi |
| 120 |
146 |
|
|
|
147 |
|
echo |
| 121 |
148 |
echo "=== Testing bad-whitespace without rights..." |
echo "=== Testing bad-whitespace without rights..." |
| 122 |
149 |
echo -e " \t \ta \t\n \r\n" > b |
echo -e " \t \ta \t\n \r\n" > b |
| 123 |
150 |
git commit -m "d" b |
git commit -m "d" b |
| 124 |
|
git push |
|
|
151 |
|
git push origin master |
| 125 |
152 |
if [ "${?}" != "1" ]; then |
if [ "${?}" != "1" ]; then |
| 126 |
153 |
echo "Should not work!" |
echo "Should not work!" |
| 127 |
154 |
exit 1 |
exit 1 |
| 128 |
155 |
fi |
fi |
| 129 |
156 |
echo "=== Testing bad-whitespace with rights..." |
echo "=== Testing bad-whitespace with rights..." |
| 130 |
157 |
export ROCKETGIT_REPO_RIGHTS="${ROCKETGIT_REPO_RIGHTS}W" |
export ROCKETGIT_REPO_RIGHTS="${ROCKETGIT_REPO_RIGHTS}W" |
| 131 |
|
git push |
|
|
158 |
|
php ${tests}/hook_update_help.php refs |
|
159 |
|
git push origin master |
| 132 |
160 |
if [ "${?}" != "0" ]; then |
if [ "${?}" != "0" ]; then |
| 133 |
161 |
echo "Should work!" |
echo "Should work!" |
| 134 |
162 |
exit 1 |
exit 1 |
| 135 |
163 |
fi |
fi |
| 136 |
164 |
|
|
|
165 |
|
echo |
| 137 |
166 |
echo "=== Testing branch delete without rights..." |
echo "=== Testing branch delete without rights..." |
| 138 |
167 |
git push origin branch1 |
git push origin branch1 |
| 139 |
168 |
git push origin :branch1 |
git push origin :branch1 |
| |
| ... |
... |
if [ "${?}" != "1" ]; then |
| 143 |
172 |
fi |
fi |
| 144 |
173 |
echo "=== Testing branch delete with rights..." |
echo "=== Testing branch delete with rights..." |
| 145 |
174 |
export ROCKETGIT_REPO_RIGHTS="${ROCKETGIT_REPO_RIGHTS}D" |
export ROCKETGIT_REPO_RIGHTS="${ROCKETGIT_REPO_RIGHTS}D" |
|
175 |
|
php ${tests}/hook_update_help.php refs |
| 146 |
176 |
git push origin :branch1 |
git push origin :branch1 |
| 147 |
177 |
if [ "${?}" != "0" ]; then |
if [ "${?}" != "0" ]; then |
| 148 |
178 |
echo "Should work!" |
echo "Should work!" |
| 149 |
179 |
exit 1 |
exit 1 |
| 150 |
180 |
fi |
fi |
| 151 |
181 |
|
|
|
182 |
|
echo |
| 152 |
183 |
echo "=== Testing annotated tag create without rights..." |
echo "=== Testing annotated tag create without rights..." |
| 153 |
184 |
git tag -a tag2 -m "xxx" |
git tag -a tag2 -m "xxx" |
| 154 |
185 |
git push origin --tags |
git push origin --tags |
| |
| ... |
... |
if [ "${?}" != "1" ]; then |
| 158 |
189 |
fi |
fi |
| 159 |
190 |
echo "=== Testing annotated tag create with rights..." |
echo "=== Testing annotated tag create with rights..." |
| 160 |
191 |
export ROCKETGIT_REPO_RIGHTS="${ROCKETGIT_REPO_RIGHTS}S" |
export ROCKETGIT_REPO_RIGHTS="${ROCKETGIT_REPO_RIGHTS}S" |
|
192 |
|
php ${tests}/hook_update_help.php refs |
| 161 |
193 |
git push origin --tags |
git push origin --tags |
| 162 |
194 |
if [ "${?}" != "0" ]; then |
if [ "${?}" != "0" ]; then |
| 163 |
195 |
echo "Should work!" |
echo "Should work!" |
| 164 |
196 |
exit 1 |
exit 1 |
| 165 |
197 |
fi |
fi |
| 166 |
198 |
|
|
|
199 |
|
echo |
| 167 |
200 |
echo "=== Testing annotated tag delete without rights (${ROCKETGIT_REPO_RIGHTS})..." |
echo "=== Testing annotated tag delete without rights (${ROCKETGIT_REPO_RIGHTS})..." |
| 168 |
201 |
git tag -d tag2 |
git tag -d tag2 |
| 169 |
202 |
git push origin :refs/tags/tag2 |
git push origin :refs/tags/tag2 |
| |
| ... |
... |
if [ "${?}" != "1" ]; then |
| 173 |
206 |
fi |
fi |
| 174 |
207 |
echo "=== Testing annotated tag delete with rights..." |
echo "=== Testing annotated tag delete with rights..." |
| 175 |
208 |
export ROCKETGIT_REPO_RIGHTS="${ROCKETGIT_REPO_RIGHTS}n" |
export ROCKETGIT_REPO_RIGHTS="${ROCKETGIT_REPO_RIGHTS}n" |
|
209 |
|
php ${tests}/hook_update_help.php refs |
| 176 |
210 |
git push origin :refs/tags/tag2 |
git push origin :refs/tags/tag2 |
| 177 |
211 |
if [ "${?}" != "0" ]; then |
if [ "${?}" != "0" ]; then |
| 178 |
212 |
echo "Should work!" |
echo "Should work!" |
| 179 |
213 |
exit 1 |
exit 1 |
| 180 |
214 |
fi |
fi |
| 181 |
215 |
|
|
|
216 |
|
echo |
|
217 |
|
echo "=== Preparing for anonymous push..." |
|
218 |
|
export GIT_NAMESPACE="hook_update_ns1" |
|
219 |
|
git commit --amend -m "new" |
|
220 |
|
echo "=== Testing anonymous push without rights..." |
|
221 |
|
git push origin master |
|
222 |
|
if [ "${?}" != "1" ]; then |
|
223 |
|
echo "Should not work!" |
|
224 |
|
exit 1 |
|
225 |
|
fi |
|
226 |
|
echo "=== Testing anonymous push with rights..." |
|
227 |
|
export ROCKETGIT_REPO_RIGHTS="HW" |
|
228 |
|
php ${tests}/hook_update_help.php refs |
|
229 |
|
git push origin master |
|
230 |
|
if [ "${?}" != "0" ]; then |
|
231 |
|
echo "Should work!" |
|
232 |
|
exit 1 |
|
233 |
|
fi |
| 182 |
234 |
|
|
| 183 |
235 |
cd .. |
cd .. |
| 184 |
|
echo "Rights=${ROCKETGIT_REPO_RIGHTS}." |
|
| 185 |
236 |
|
|
| 186 |
237 |
rm -rf hook_update_*.git |
rm -rf hook_update_*.git |
| 187 |
238 |
|
|
| File tests/repo.php changed (mode: 100644) (index 4f3a648..44b983b) |
| ... |
... |
ini_set("track_errors", "On"); |
| 4 |
4 |
|
|
| 5 |
5 |
$rg_cache_socket = "rg_cache_socket"; |
$rg_cache_socket = "rg_cache_socket"; |
| 6 |
6 |
|
|
| 7 |
|
$INC = "../inc"; |
|
|
7 |
|
$INC = dirname(__FILE__) . "/../inc"; |
|
8 |
|
require_once(dirname(__FILE__) . "/config.php"); |
| 8 |
9 |
require_once($INC . "/init.inc.php"); |
require_once($INC . "/init.inc.php"); |
| 9 |
10 |
require_once($INC . "/repo.inc.php"); |
require_once($INC . "/repo.inc.php"); |
| 10 |
11 |
require_once($INC . "/sql.inc.php"); |
require_once($INC . "/sql.inc.php"); |
| |
| ... |
... |
if ($c !== FALSE) { |
| 82 |
83 |
} |
} |
| 83 |
84 |
|
|
| 84 |
85 |
$uid = time(); |
$uid = time(); |
| 85 |
|
rg_log("Inserting a fake user"); |
|
|
86 |
|
rg_log("Inserting a fake user uid=$uid"); |
| 86 |
87 |
$sql = "INSERT INTO users (uid, username, realname, salt, pass, email, itime, suspended" |
$sql = "INSERT INTO users (uid, username, realname, salt, pass, email, itime, suspended" |
| 87 |
88 |
. ", rights)" |
. ", rights)" |
| 88 |
89 |
. " VALUES ($uid, 'user-$uid', 'realname-$uid', '', '', '', $uid, 0" |
. " VALUES ($uid, 'user-$uid', 'realname-$uid', '', '', '', $uid, 0" |
| 89 |
90 |
. ", '')"; |
. ", '')"; |
| 90 |
91 |
$res = rg_sql_query($db, $sql); |
$res = rg_sql_query($db, $sql); |
| 91 |
92 |
if ($res === FALSE) { |
if ($res === FALSE) { |
| 92 |
|
rg_log("Cannot insert a user (" . rg_sql_error() . ")!"); |
|
|
93 |
|
rg_log("Cannot insert a user uid $uid (" . rg_sql_error() . ")!"); |
| 93 |
94 |
exit(1); |
exit(1); |
| 94 |
95 |
} |
} |
| 95 |
96 |
$rg_ui = rg_user_info($db, $uid, "", ""); |
$rg_ui = rg_user_info($db, $uid, "", ""); |
| |
| ... |
... |
if ($rg_ui['exists'] != 1) { |
| 98 |
99 |
exit(1); |
exit(1); |
| 99 |
100 |
} |
} |
| 100 |
101 |
|
|
|
102 |
|
// create fake user 12 |
|
103 |
|
$_uid = 12; |
|
104 |
|
rg_log("Inserting a fake user uid=$_uid"); |
|
105 |
|
$sql = "INSERT INTO users (uid, username, realname, salt, pass, email, itime, suspended" |
|
106 |
|
. ", rights)" |
|
107 |
|
. " VALUES ($_uid, 'user-$_uid', 'realname-$_uid', '', '', '', $_uid, 0" |
|
108 |
|
. ", '')"; |
|
109 |
|
$res = rg_sql_query($db, $sql); |
|
110 |
|
if ($res === FALSE) { |
|
111 |
|
rg_log("Cannot insert user uid $_uid (" . rg_sql_error() . ")!"); |
|
112 |
|
exit(1); |
|
113 |
|
} |
|
114 |
|
|
| 101 |
115 |
rg_log("Creating a repo"); |
rg_log("Creating a repo"); |
| 102 |
116 |
$new = array(); |
$new = array(); |
| 103 |
117 |
$new['repo_id'] = 0; |
$new['repo_id'] = 0; |
| |
| ... |
... |
$repo_id = $new['repo_id']; |
| 116 |
130 |
|
|
| 117 |
131 |
$ri = rg_repo_info($db, $repo_id, 0, ""); |
$ri = rg_repo_info($db, $repo_id, 0, ""); |
| 118 |
132 |
if ($ri['exists'] != 1) { |
if ($ri['exists'] != 1) { |
| 119 |
|
rg_log("ri: " . print_r($ri, TRUE)); |
|
|
133 |
|
rg_log_ml("ri: " . print_r($ri, TRUE)); |
| 120 |
134 |
rg_log("Cannot lookup repo_id $repo_id!"); |
rg_log("Cannot lookup repo_id $repo_id!"); |
| 121 |
135 |
exit(1); |
exit(1); |
| 122 |
136 |
} |
} |
| |
| ... |
... |
$a['rights'] = "P"; |
| 148 |
162 |
$a['prio'] = 13; |
$a['prio'] = 13; |
| 149 |
163 |
$a['ip'] = "1.1.1.1"; |
$a['ip'] = "1.1.1.1"; |
| 150 |
164 |
$a['misc'] = ""; |
$a['misc'] = ""; |
|
165 |
|
$a['description'] = "desc <>"; |
| 151 |
166 |
$v = rg_rights_set($db, "repo", $a); |
$v = rg_rights_set($db, "repo", $a); |
| 152 |
167 |
if ($v === FALSE) { |
if ($v === FALSE) { |
| 153 |
168 |
rg_log("Cannot give rights (1)!"); |
rg_log("Cannot give rights (1)!"); |
| 154 |
169 |
exit(1); |
exit(1); |
| 155 |
170 |
} |
} |
| 156 |
171 |
|
|
| 157 |
|
rg_log("non-owner gets correct rights: F gets from default rights."); |
|
|
172 |
|
rg_log("non-owner gets correct rights: A gets from injected rights."); |
| 158 |
173 |
$a = array(); |
$a = array(); |
| 159 |
174 |
$a['right_id'] = 0; |
$a['right_id'] = 0; |
| 160 |
175 |
$a['obj_id'] = $ri['repo_id']; |
$a['obj_id'] = $ri['repo_id']; |
| 161 |
176 |
$a['who'] = 400; |
$a['who'] = 400; |
| 162 |
177 |
$a['uid'] = 12; |
$a['uid'] = 12; |
| 163 |
|
$a['rights'] = "AaB"; |
|
|
178 |
|
$a['rights'] = "aB"; // Access bug tracker + Add bugs |
| 164 |
179 |
$a['prio'] = 50; |
$a['prio'] = 50; |
| 165 |
180 |
$a['ip'] = ""; |
$a['ip'] = ""; |
| 166 |
181 |
$a['misc'] = ""; |
$a['misc'] = ""; |
|
182 |
|
$a['description'] = "rights for uid 12"; |
| 167 |
183 |
$r = rg_rights_set($db, "repo", $a); |
$r = rg_rights_set($db, "repo", $a); |
| 168 |
184 |
if ($r !== TRUE) { |
if ($r !== TRUE) { |
| 169 |
185 |
rg_log("Cannot set rights (" . rg_rights_error() . ")!"); |
rg_log("Cannot set rights (" . rg_rights_error() . ")!"); |
| 170 |
186 |
exit(1); |
exit(1); |
| 171 |
187 |
} |
} |
| 172 |
|
$e = "F"; |
|
|
188 |
|
$e = "A"; // will not match the above right but the one injected |
| 173 |
189 |
$r = rg_rights_get($db, $ri['repo_id'], "repo", $uid, $a['uid'], 0); |
$r = rg_rights_get($db, $ri['repo_id'], "repo", $uid, $a['uid'], 0); |
| 174 |
|
$c = isset($r['list'][0]['rights']) ? $r['list'][0]['rights'] : "BAD"; |
|
|
190 |
|
$c = isset($r['list'][0]['rights']) ? $r['list'][0]['rights'] : "_BAD_"; |
| 175 |
191 |
if (strcmp($c, $e) != 0) { |
if (strcmp($c, $e) != 0) { |
| 176 |
192 |
rg_log("Non-owner did not get correct rights: c=$c e=$e."); |
rg_log("Non-owner did not get correct rights: c=$c e=$e."); |
| 177 |
193 |
rg_log_ml("r=" . print_r($r, TRUE)); |
rg_log_ml("r=" . print_r($r, TRUE)); |
| |
| ... |
... |
$a['rights'] = "E"; |
| 188 |
204 |
$a['prio'] = 100; |
$a['prio'] = 100; |
| 189 |
205 |
$a['ip'] = ""; |
$a['ip'] = ""; |
| 190 |
206 |
$a['misc'] = ""; |
$a['misc'] = ""; |
|
207 |
|
$a['description'] = "rights for uid 500"; |
| 191 |
208 |
$v = rg_rights_set($db, "repo", $a); |
$v = rg_rights_set($db, "repo", $a); |
| 192 |
209 |
if ($v === FALSE) { |
if ($v === FALSE) { |
| 193 |
210 |
rg_log("Owner cannot set separate rights for him!"); |
rg_log("Owner cannot set separate rights for him!"); |
| |
| ... |
... |
if ($r === FALSE) { |
| 200 |
217 |
rg_log("Cannot list rights (" . rg_repo_error() . ")"); |
rg_log("Cannot list rights (" . rg_repo_error() . ")"); |
| 201 |
218 |
exit(1); |
exit(1); |
| 202 |
219 |
} |
} |
| 203 |
|
print_r($r); |
|
|
220 |
|
if (count($r) != 2) { |
|
221 |
|
rg_log_ml("r=" . print_r($r, TRUE)); |
|
222 |
|
rg_log("Cannot load all rights!"); |
|
223 |
|
exit(1); |
|
224 |
|
} |
| 204 |
225 |
// TODO: we should test if expected fields are returned! |
// TODO: we should test if expected fields are returned! |
| 205 |
226 |
|
|
| 206 |
|
|
|
| 207 |
227 |
rg_log("Testing the rename of the repos"); |
rg_log("Testing the rename of the repos"); |
| 208 |
228 |
$repo_name = "renameA"; |
$repo_name = "renameA"; |
| 209 |
229 |
$rg_repos = "repos"; |
$rg_repos = "repos"; |